FBI warns of massive ATM ‘cash-out’ heist that could soon steal millions

The FBI has warned banks that a group of criminals might be planning a large-scale ‘ATM cash-out’ after receiving a tip from an unknown source.


The FBI has recently warned banks that a group of criminals might be planning a large-scale ‘ATM cash-out’ that could steal millions of dollars.

“The FBI has obtained unspecified reporting indicating cybercriminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an ‘unlimited operation’,” reads a confidential alert, reported by the cybersecurity blog KrebsOnSecurity, that the FBI shared with banks last week.

In the potential attack, criminals would first install malware on a payment card processor or bank network to gain access to card numbers and other information. They’d then use this access to remove fraud controls on ATMs, such as withdrawal limits. Finally, the group of criminals would use ‘clone cards’—plastic cards with customized magnetic strips—to withdraw money from ATMs in person at a predetermined time, likely on the weekend when banks are closed.

“Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities,” the alert read. “The FBI expects the ubiquity of this activity to continue or possibly increase in the near future.”

In July, the KrebsOnSecurity blog broke a story “about an apparent unlimited operation used to extract a total of $2.4 million from accounts at the National Bank of Blacksburg in two separate ATM cashouts between May 2016 and January 2017.”

Another unlimited operation hit India’s Cosmos Bank just this weekend when criminals withdrew millions of dollars from ATMs in 29 countries in a two-hour timeframe.

“During the malware attack, a proxy switch was created and all the fraudulent payment approvals were passed by the proxy switching system,” the bank said.

So, how should bank customers protect themselves?

“They should be signed up for fraud alerts on their account,” Paul Benda, senior vice president of risk and cybersecurity policy at the American Bankers Association, told USA Today. “They should be monitoring their accounts for activity, and they should look for any unusual activity. If they see anything they should report it. A bank would much rather hear about a potential fraudulent charge that turns out to be something that you don’t remember buying versus not hearing about that at all.”

How to vaccinate the world’s most vulnerable? Build global partnerships.

Pfizer's partnerships strengthen their ability to deliver vaccines in developing countries.

Susan Silbermann, Global President of Pfizer Vaccines, looks on as a health care worker administers a vaccine in Rwanda. Photo: Courtesy of Pfizer.
Sponsored
  • Community healthcare workers face many challenges in their work, including often traveling far distances to see their clients
  • Pfizer is helping to drive the UN's sustainable development goals through partnerships.
  • Pfizer partnered with AMP and the World Health Organization to develop a training program for healthcare workers.
Keep reading Show less

James Patterson on writing: Plotting, research, and first drafts

The best-selling author tells us his methods.

Videos
  • James Patterson has sold 300 million copies of his 130 books, making him one of the most successful authors alive today.
  • He talks about how some writers can overdo it by adding too much research, or worse, straying from their outline for too long.
  • James' latest book, The President is Missing, co-written with former President Bill Clinton, is out now.
Keep reading Show less

How to split the USA into two countries: Red and Blue

Progressive America would be half as big, but twice as populated as its conservative twin.

Image: Dicken Schrader
Strange Maps
  • America's two political tribes have consolidated into 'red' and 'blue' nations, with seemingly irreconcilable differences.
  • Perhaps the best way to stop the infighting is to go for a divorce and give the two nations a country each
  • Based on the UN's partition plan for Israel/Palestine, this proposal provides territorial contiguity and sea access to both 'red' and 'blue' America
Keep reading Show less

Why the White House Correspondents’ Association dinner won’t feature a comedian in 2019

It's the first time the association hasn't hired a comedian in 16 years.

(Photo by Anna Webber/Getty Images for Vulture Festival)
Culture & Religion
  • The 2018 WHCA ended in controversy after comedian Michelle Wolf made jokes some considered to be offensive.
  • The WHCA apologized for Wolf's jokes, though some journalists and many comedians backed the comedian and decried arguments in favor of limiting the types of speech permitted at the event.
  • Ron Chernow, who penned a bestselling biography of Alexander Hamilton, will speak at next year's dinner.
Keep reading Show less